Page History
...
Table of Contents | ||
---|---|---|
|
Overview
Styleclass | ||
---|---|---|
| ||
- Access
- Report Categories
- System
This section describes the security framework available to you through Yellowfin. It has been set out so that the highest level security features are described first. For instance Access Roles are the highest and easiest to administer form of security whilst column level security is the most granular and by default the most complex to administer over a large user base deployment.
...
Roles & Functions
Styleclass | ||
---|---|---|
| ||
...
See Roles for more information.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
If a user’s role does not have access to the dashboard when they login they will be taken to the report list page. A user with dashboard will be taken in to the dashboard page.
|
...
Content Folders
Styleclass | ||
---|---|---|
| ||
The security of your reports is managed at the category folder and subcategory sub folder level, not at the individual item level. The purpose of this is to simplify the creation of reports in the system.
See Content Folders for more information.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Rather than having to specify who is allow to see a specific reports each time you create a new report the security for the report is inherited from the subcategory sub folder of the item that is created.
|
Data Source
...
Access Management
Styleclass | ||
---|---|---|
| ||
The general rule for source system security is that it is used for controlling Yellowfin report writers that wish to create views against the source. It is through this process that a user could write reports against the source system and thereby gain unauthorized unauthorised access to data.
See Data Sources for more information.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
If the HR system is to be setup as the source system any user with View Definition access will be able to view all tables including payroll data if the source is unsecure. By securing the source to only HR view builders, only those authorized authorised users will be able to define and manage the HR related views.
Note: If there is only 1 Yellowfin report writers of your Yellowfin deployment, and no additional users writing SQL reports then you may consider leaving your source systems unsecure |
View Access Management
Styleclass | ||
---|---|---|
| ||
...
See View Options for more information.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
The Finance view is created. Only the finance department is permitted to write finance view reports. In this case the view would be defined as secure and the finance users would be added into the access list with edit access.
|
Column Access & Restrictions
...
- Create a copy of the view and exclude the salary column from this instance. Save the view with a new name to indicate that the view is free of sensitive data.
- Alternatively Yellowfin provides you with the opportunity to define the columns as restricted columns. Once this has been done an additional layer of security needs to be defined, which allows certain users access to the restricted columns of the selected view.
Note: security to restricted columns is globally defined. You cannot specify different users for separate restricted columns within the view.
Only users with restricted access will be able to see the item when creating reports. When an active report is run, restricted columns will be displayed to all users who have access to the report.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
|
Access / Value Based Filters
...
See Access Filters for more information.
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
|
...